Jason,
[you should ask this on rest-discuss
http://tech.groups.yahoo.com/group/rest-discuss/ ]
On 17 May, 2011,at 11:11 PM, Jason Erickson <jason_at_jasonerickson.com> wrote:
> This is not really a Jersey question but a general REST question. I would be happy if someone wants to suggest a different place to pose the question, but I'm starting here. Anyway, here it is:
>
> I have a URL like this: ws/savedCriteria that will return a different result depending on who is authenticated, which is a problem whether I store the authentication in a session or not.
If you use a session you are not doing REST - but I suspect you know that. Just in case ...
> I would like to fix this in a backward compatible way. I'm not firm on the new URL - but say it's ws/users/{userid}/config/savedCriteria.
>
> When an older client makes a request to ws/savedCriteria with an authenticated user = foouser, should I return a 301 with ws/users/foouser/config/savedCriteria? Every distinct user who requests ws/savedCriteria will be redirected to a different URL, so a "Moved Permanently" seems not quite right.
Why not? The redirect is permanent for this authenticated user. 301 is fine.
Jan
However, 302 implies moved temporarily, which is also wrong. 303 looks technically correct since the RFC says, "The new URI is not a substitute reference for the originally requested resource. The 303 response MUST NOT be cached, but the response to the second (redirected) request might be cacheable." However, I have never seen 303 used this way.
>
> Does anyone have any thoughts on this?
>